admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-12-29T03:00:24.898739+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-12-29 03:00:28 +00:00
parent e4e480dbda
commit 2cf8e8674d
47 changed files with 1705 additions and 161 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
CVE-2021/CVE-2021-270xx/CVE-2021-27064.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-27064",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:15.343",
"lastModified": "2022-05-03T16:04:40.443",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:38.447",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-270xx/CVE-2021-27067.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-27067",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:15.407",
"lastModified": "2022-06-28T14:11:45.273",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:38.650",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-284xx/CVE-2021-28448.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-28448",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:20.017",
"lastModified": "2021-04-21T01:42:14.957",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:38.850",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-284xx/CVE-2021-28449.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-28449",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:20.077",
"lastModified": "2021-04-21T01:37:51.280",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:39.030",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-284xx/CVE-2021-28450.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-28450",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:20.140",
"lastModified": "2021-04-19T23:29:18.277",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:39.210",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft SharePoint Denial of Service Update"
"value": "Microsoft SharePoint Denial of Service Vulnerability"
},
{
"lang": "es",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",

28
CVE-2021/CVE-2021-284xx/CVE-2021-28451.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-28451",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:20.220",
"lastModified": "2021-04-19T23:43:01.933",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:39.393",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28454."
"value": "Microsoft Excel Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-284xx/CVE-2021-28452.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-28452",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:20.280",
"lastModified": "2022-05-03T16:04:40.443",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:39.563",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",

26
CVE-2021/CVE-2021-284xx/CVE-2021-28453.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-28453",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:20.343",
"lastModified": "2021-06-04T18:36:55.787",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:39.757",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-284xx/CVE-2021-28454.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-28454",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:20.407",
"lastModified": "2021-04-20T22:21:37.963",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:39.943",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28451."
"value": "Microsoft Excel Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-284xx/CVE-2021-28456.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-28456",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:20.470",
"lastModified": "2021-04-20T22:20:18.460",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:40.137",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-284xx/CVE-2021-28457.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-28457",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:20.530",
"lastModified": "2021-04-20T22:19:36.837",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:40.310",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28469, CVE-2021-28473, CVE-2021-28475, CVE-2021-28477."
"value": "Visual Studio Code Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-284xx/CVE-2021-28458.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-28458",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:20.610",
"lastModified": "2022-05-03T16:04:40.443",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:40.487",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",

26
CVE-2021/CVE-2021-284xx/CVE-2021-28459.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-28459",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:20.673",
"lastModified": "2021-04-20T21:52:18.740",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:40.660",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-284xx/CVE-2021-28460.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-28460",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:20.733",
"lastModified": "2021-04-20T20:48:26.880",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:40.890",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.4,
"impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",

26
CVE-2021/CVE-2021-284xx/CVE-2021-28464.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-28464",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:20.797",
"lastModified": "2021-04-20T20:44:06.537",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:41.093",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-284xx/CVE-2021-28466.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-28466",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:20.860",
"lastModified": "2021-04-20T17:44:45.897",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:41.263",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Raw Image Extension Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28468."
"value": "Raw Image Extension Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-284xx/CVE-2021-28468.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-28468",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:20.923",
"lastModified": "2021-04-20T17:43:03.470",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:41.433",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Raw Image Extension Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28466."
"value": "Raw Image Extension Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-284xx/CVE-2021-28469.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-28469",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:20.970",
"lastModified": "2021-04-20T17:19:28.657",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:41.620",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28457, CVE-2021-28473, CVE-2021-28475, CVE-2021-28477."
"value": "Visual Studio Code Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-284xx/CVE-2021-28470.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-28470",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:21.030",
"lastModified": "2021-04-20T17:18:02.883",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:41.797",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-284xx/CVE-2021-28471.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-28471",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:21.093",
"lastModified": "2021-04-20T17:14:00.667",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:42.010",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-284xx/CVE-2021-28472.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-28472",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:21.203",
"lastModified": "2021-04-20T16:54:20.610",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:42.177",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-284xx/CVE-2021-28473.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-28473",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:21.267",
"lastModified": "2021-04-16T21:21:43.403",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:42.373",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28457, CVE-2021-28469, CVE-2021-28475, CVE-2021-28477."
"value": "Visual Studio Code Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-284xx/CVE-2021-28475.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-28475",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:21.343",
"lastModified": "2021-04-16T21:22:07.843",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:42.540",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28457, CVE-2021-28469, CVE-2021-28473, CVE-2021-28477."
"value": "Visual Studio Code Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-284xx/CVE-2021-28477.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-28477",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:21.407",
"lastModified": "2021-04-16T21:22:20.597",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:42.733",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28457, CVE-2021-28469, CVE-2021-28473, CVE-2021-28475."
"value": "Visual Studio Code Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",

28
CVE-2021/CVE-2021-284xx/CVE-2021-28480.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-28480",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:21.470",
"lastModified": "2021-04-14T13:00:04.313",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:42.943",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28481, CVE-2021-28482, CVE-2021-28483."
"value": "Microsoft Exchange Server Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-284xx/CVE-2021-28481.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-28481",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:21.530",
"lastModified": "2021-04-14T12:58:49.327",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:43.157",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28480, CVE-2021-28482, CVE-2021-28483."
"value": "Microsoft Exchange Server Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-284xx/CVE-2021-28482.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-28482",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:21.577",
"lastModified": "2021-04-14T12:58:09.203",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:43.337",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28480, CVE-2021-28481, CVE-2021-28483."
"value": "Microsoft Exchange Server Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-284xx/CVE-2021-28483.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-28483",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-04-13T20:15:21.640",
"lastModified": "2021-04-14T13:01:40.160",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T01:15:43.510",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28480, CVE-2021-28481, CVE-2021-28482."
"value": "Microsoft Exchange Server Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
],
"cvssMetricV2": [

55
CVE-2023/CVE-2023-234xx/CVE-2023-23431.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-23431",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T02:15:43.803",
"lastModified": "2023-12-29T02:15:43.803",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nSome Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23431/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
}
]
}

55
CVE-2023/CVE-2023-234xx/CVE-2023-23432.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-23432",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T02:15:44.063",
"lastModified": "2023-12-29T02:15:44.063",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nSome Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23432/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
}
]
}

55
CVE-2023/CVE-2023-234xx/CVE-2023-23433.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-23433",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T02:15:44.253",
"lastModified": "2023-12-29T02:15:44.253",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nSome Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23433/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
}
]
}

43
CVE-2023/CVE-2023-234xx/CVE-2023-23434.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-23434",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T02:15:44.437",
"lastModified": "2023-12-29T02:15:44.437",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23434/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
}
]
}

55
CVE-2023/CVE-2023-234xx/CVE-2023-23435.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-23435",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T02:15:44.597",
"lastModified": "2023-12-29T02:15:44.597",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nSome Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23435/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
}
]
}

55
CVE-2023/CVE-2023-234xx/CVE-2023-23436.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-23436",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T02:15:44.783",
"lastModified": "2023-12-29T02:15:44.783",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nSome Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23436/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
}
]
}

109
CVE-2023/CVE-2023-294xx/CVE-2023-29485.json
View File

@ -2,19 +2,120 @@
"id": "CVE-2023-29485",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-21T01:15:32.700",
"lastModified": "2023-12-21T02:24:16.353",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-29T02:21:17.843",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en las versiones 3.4.2 y anteriores del agente Heimdal Thor en Windows y 2.6.9 y anteriores en macOS, que permite a los atacantes omitir el filtrado de red, ejecutar c\u00f3digo arbitrario y obtener informaci\u00f3n confidencial a trav\u00e9s del m\u00f3dulo de prevenci\u00f3n de amenazas DarkLayer Guard."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.5.3",
"matchCriteriaId": "A77CAF90-FF93-4F80-9FF8-6318D80BA966"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.6.9",
"matchCriteriaId": "AF6E8BE4-9359-4FFE-AAF5-91CEF7EF892F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

109
CVE-2023/CVE-2023-294xx/CVE-2023-29486.json
View File

@ -2,19 +2,120 @@
"id": "CVE-2023-29486",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-21T01:15:32.790",
"lastModified": "2023-12-21T02:24:16.353",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-29T02:20:40.423",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Heimdal Thor agent versions 3.4.2 and before 3.7.0 on Windows, allows attackers to bypass USB access restrictions, execute arbitrary code, and obtain sensitive information via Next-Gen Antivirus component."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en las versiones 3.4.2 y anteriores al 3.7.0 del agente Heimdal Thor en Windows, que permite a los atacantes omitir las restricciones de acceso USB, ejecutar c\u00f3digo arbitrario y obtener informaci\u00f3n confidencial a trav\u00e9s del componente antivirus de pr\u00f3xima generaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.7.0",
"matchCriteriaId": "81ED23F2-9637-4AB3-949C-7A7BE73A6BF9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.6.9",
"matchCriteriaId": "AF6E8BE4-9359-4FFE-AAF5-91CEF7EF892F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-312xx/CVE-2023-31292.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-31292",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-29T02:15:44.983",
"lastModified": "2023-12-29T02:15:44.983",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows local attackers to obtain sensitive information and bypass authentication via \"Back Button Refresh\" attack."
}
],
"metrics": {},
"references": [
{
"url": "https://herolab.usd.de/en/security-advisories/usd-2022-0051/",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-312xx/CVE-2023-31298.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-31298",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-29T02:15:45.037",
"lastModified": "2023-12-29T02:15:45.037",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code and obtain sensitive information via the User ID field when creating a new system user."
}
],
"metrics": {},
"references": [
{
"url": "https://herolab.usd.de/en/security-advisories/usd-2022-0060/",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-313xx/CVE-2023-31301.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-31301",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-29T02:15:45.080",
"lastModified": "2023-12-29T02:15:45.080",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Stored Cross Site Scripting (XSS) Vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code and obtain sensitive information via the Username field of the login form and application log."
}
],
"metrics": {},
"references": [
{
"url": "https://herolab.usd.de/en/security-advisories/usd-2022-0059/",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-433xx/CVE-2023-43314.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-43314",
"sourceIdentifier": "security@zyxel.com.tw",
"published": "2023-09-27T23:15:12.057",
"lastModified": "2023-11-07T04:21:20.897",
"lastModified": "2023-12-29T01:15:43.687",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The buffer overflow vulnerability in the Zyxel PMG2005-T20B firmware version V1.00(ABNK.2)b11_C0\u00a0could allow an authenticated attacker with administrator privileges to cause a denial of service condition via a crafted uid.\n\n"
"value": "The buffer overflow vulnerability in the Zyxel PMG2005-T20B firmware version V1.00(ABNK.2)b11_C0\u00a0could allow an authenticated attacker to cause a denial of service condition via a crafted uid.\n\n"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "security@zyxel.com.tw",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,23 +37,23 @@
"impactScore": 3.6
},
{
"source": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
@ -70,7 +70,7 @@
]
},
{
"source": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"source": "security@zyxel.com.tw",
"type": "Secondary",
"description": [
{

47
CVE-2023/CVE-2023-466xx/CVE-2023-46624.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46624",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-19T22:15:07.673",
"lastModified": "2023-12-20T13:50:37.240",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-29T02:56:36.643",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:parcelpro:parcel_pro:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.6.11",
"matchCriteriaId": "5D422A1A-B9E0-4941-8112-4787CC8F2489"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woo-parcel-pro/wordpress-parcel-pro-plugin-1-6-3-open-redirection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

10
CVE-2023/CVE-2023-517xx/CVE-2023-51764.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-51764",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-24T05:15:08.273",
"lastModified": "2023-12-26T21:15:07.783",
"lastModified": "2023-12-29T02:15:45.130",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -36,6 +36,14 @@
"url": "https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/duy-31/CVE-2023-51764",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/eeenvik1/CVE-2023-51764",
"source": "cve@mitre.org"
},
{
"url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/",
"source": "cve@mitre.org"

88
CVE-2023/CVE-2023-71xx/CVE-2023-7143.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-7143",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-29T01:15:43.917",
"lastModified": "2023-12-29T01:15:43.917",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Client Details System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/regester.php. The manipulation of the argument fname/lname/email/contact leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-249146 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/h4md153v63n/CVEs/blob/main/Client_Details_System/Client_Details_System-Blind_Cross_Site_Scripting.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.249146",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.249146",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-71xx/CVE-2023-7144.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-7144",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-29T01:15:44.137",
"lastModified": "2023-12-29T01:15:44.137",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in gopeak MasterLab up to 3.3.10. This affects the function sqlInject of the file app/ctrl/framework/Feature.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249147."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/4HDWrBHGCf9e",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.249147",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.249147",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-71xx/CVE-2023-7145.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-7145",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-29T02:15:45.180",
"lastModified": "2023-12-29T02:15:45.180",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in gopeak MasterLab up to 3.3.10. This vulnerability affects the function sqlInject of the file app/ctrl/Framework.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249148."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/LEbo1ypfzfQh",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.249148",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.249148",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-71xx/CVE-2023-7146.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-7146",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-29T02:15:45.387",
"lastModified": "2023-12-29T02:15:45.387",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in gopeak MasterLab up to 3.3.10. This issue affects the function sqlInjectDelete of the file app/ctrl/framework/Feature.php of the component HTTP POST Request Handler. The manipulation of the argument phone leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-249149 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/jRqEcVBTsZh4",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.249149",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.249149",
"source": "cna@vuldb.com"
}
]
}

85
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-12-29T00:55:26.382121+00:00
2023-12-29T03:00:24.898739+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-12-29T00:15:50.740000+00:00
2023-12-29T02:56:36.643000+00:00
```
### Last Data Feed Release
@ -23,60 +23,63 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2023-12-28T01:00:28.273762+00:00
2023-12-29T01:00:28.272932+00:00
```
### Total Number of included CVEs
```plain
234380
234393
```
### CVEs added in the last Commit
Recently added CVEs: `10`
Recently added CVEs: `13`
* [CVE-2023-50448](CVE-2023/CVE-2023-504xx/CVE-2023-50448.json) (`2023-12-28T23:15:43.500`)
* [CVE-2023-52083](CVE-2023/CVE-2023-520xx/CVE-2023-52083.json) (`2023-12-28T23:15:43.557`)
* [CVE-2023-52084](CVE-2023/CVE-2023-520xx/CVE-2023-52084.json) (`2023-12-28T23:15:43.777`)
* [CVE-2023-52152](CVE-2023/CVE-2023-521xx/CVE-2023-52152.json) (`2023-12-28T23:15:44.197`)
* [CVE-2023-7139](CVE-2023/CVE-2023-71xx/CVE-2023-7139.json) (`2023-12-28T23:15:44.263`)
* [CVE-2023-7140](CVE-2023/CVE-2023-71xx/CVE-2023-7140.json) (`2023-12-28T23:15:44.623`)
* [CVE-2023-50104](CVE-2023/CVE-2023-501xx/CVE-2023-50104.json) (`2023-12-29T00:15:50.233`)
* [CVE-2023-52085](CVE-2023/CVE-2023-520xx/CVE-2023-52085.json) (`2023-12-29T00:15:50.300`)
* [CVE-2023-7141](CVE-2023/CVE-2023-71xx/CVE-2023-7141.json) (`2023-12-29T00:15:50.517`)
* [CVE-2023-7142](CVE-2023/CVE-2023-71xx/CVE-2023-7142.json) (`2023-12-29T00:15:50.740`)
* [CVE-2023-7143](CVE-2023/CVE-2023-71xx/CVE-2023-7143.json) (`2023-12-29T01:15:43.917`)
* [CVE-2023-7144](CVE-2023/CVE-2023-71xx/CVE-2023-7144.json) (`2023-12-29T01:15:44.137`)
* [CVE-2023-23431](CVE-2023/CVE-2023-234xx/CVE-2023-23431.json) (`2023-12-29T02:15:43.803`)
* [CVE-2023-23432](CVE-2023/CVE-2023-234xx/CVE-2023-23432.json) (`2023-12-29T02:15:44.063`)
* [CVE-2023-23433](CVE-2023/CVE-2023-234xx/CVE-2023-23433.json) (`2023-12-29T02:15:44.253`)
* [CVE-2023-23434](CVE-2023/CVE-2023-234xx/CVE-2023-23434.json) (`2023-12-29T02:15:44.437`)
* [CVE-2023-23435](CVE-2023/CVE-2023-234xx/CVE-2023-23435.json) (`2023-12-29T02:15:44.597`)
* [CVE-2023-23436](CVE-2023/CVE-2023-234xx/CVE-2023-23436.json) (`2023-12-29T02:15:44.783`)
* [CVE-2023-31292](CVE-2023/CVE-2023-312xx/CVE-2023-31292.json) (`2023-12-29T02:15:44.983`)
* [CVE-2023-31298](CVE-2023/CVE-2023-312xx/CVE-2023-31298.json) (`2023-12-29T02:15:45.037`)
* [CVE-2023-31301](CVE-2023/CVE-2023-313xx/CVE-2023-31301.json) (`2023-12-29T02:15:45.080`)
* [CVE-2023-7145](CVE-2023/CVE-2023-71xx/CVE-2023-7145.json) (`2023-12-29T02:15:45.180`)
* [CVE-2023-7146](CVE-2023/CVE-2023-71xx/CVE-2023-7146.json) (`2023-12-29T02:15:45.387`)
### CVEs modified in the last Commit
Recently modified CVEs: `137`
Recently modified CVEs: `33`
* [CVE-2021-34519](CVE-2021/CVE-2021-345xx/CVE-2021-34519.json) (`2023-12-28T23:15:40.263`)
* [CVE-2021-34520](CVE-2021/CVE-2021-345xx/CVE-2021-34520.json) (`2023-12-28T23:15:40.443`)
* [CVE-2021-34521](CVE-2021/CVE-2021-345xx/CVE-2021-34521.json) (`2023-12-28T23:15:40.643`)
* [CVE-2021-34522](CVE-2021/CVE-2021-345xx/CVE-2021-34522.json) (`2023-12-28T23:15:40.847`)
* [CVE-2021-34523](CVE-2021/CVE-2021-345xx/CVE-2021-34523.json) (`2023-12-28T23:15:41.100`)
* [CVE-2021-34525](CVE-2021/CVE-2021-345xx/CVE-2021-34525.json) (`2023-12-28T23:15:41.353`)
* [CVE-2021-34527](CVE-2021/CVE-2021-345xx/CVE-2021-34527.json) (`2023-12-28T23:15:41.593`)
* [CVE-2021-34528](CVE-2021/CVE-2021-345xx/CVE-2021-34528.json) (`2023-12-28T23:15:41.993`)
* [CVE-2021-34529](CVE-2021/CVE-2021-345xx/CVE-2021-34529.json) (`2023-12-28T23:15:42.230`)
* [CVE-2021-36928](CVE-2021/CVE-2021-369xx/CVE-2021-36928.json) (`2023-12-28T23:15:42.460`)
* [CVE-2021-36929](CVE-2021/CVE-2021-369xx/CVE-2021-36929.json) (`2023-12-28T23:15:42.783`)
* [CVE-2021-36931](CVE-2021/CVE-2021-369xx/CVE-2021-36931.json) (`2023-12-28T23:15:43.020`)
* [CVE-2021-36934](CVE-2021/CVE-2021-369xx/CVE-2021-36934.json) (`2023-12-28T23:15:43.247`)
* [CVE-2021-27068](CVE-2021/CVE-2021-270xx/CVE-2021-27068.json) (`2023-12-29T00:15:47.750`)
* [CVE-2021-28455](CVE-2021/CVE-2021-284xx/CVE-2021-28455.json) (`2023-12-29T00:15:47.940`)
* [CVE-2021-31177](CVE-2021/CVE-2021-311xx/CVE-2021-31177.json) (`2023-12-29T00:15:48.423`)
* [CVE-2021-31180](CVE-2021/CVE-2021-311xx/CVE-2021-31180.json) (`2023-12-29T00:15:48.643`)
* [CVE-2021-31204](CVE-2021/CVE-2021-312xx/CVE-2021-31204.json) (`2023-12-29T00:15:49.127`)
* [CVE-2022-43680](CVE-2022/CVE-2022-436xx/CVE-2022-43680.json) (`2023-12-29T00:15:49.437`)
* [CVE-2023-1183](CVE-2023/CVE-2023-11xx/CVE-2023-1183.json) (`2023-12-29T00:15:49.557`)
* [CVE-2023-37457](CVE-2023/CVE-2023-374xx/CVE-2023-37457.json) (`2023-12-29T00:15:49.697`)
* [CVE-2023-38703](CVE-2023/CVE-2023-387xx/CVE-2023-38703.json) (`2023-12-29T00:15:49.813`)
* [CVE-2023-49294](CVE-2023/CVE-2023-492xx/CVE-2023-49294.json) (`2023-12-29T00:15:49.930`)
* [CVE-2023-49786](CVE-2023/CVE-2023-497xx/CVE-2023-49786.json) (`2023-12-29T00:15:50.043`)
* [CVE-2023-50044](CVE-2023/CVE-2023-500xx/CVE-2023-50044.json) (`2023-12-29T00:15:50.170`)
* [CVE-2021-28454](CVE-2021/CVE-2021-284xx/CVE-2021-28454.json) (`2023-12-29T01:15:39.943`)
* [CVE-2021-28456](CVE-2021/CVE-2021-284xx/CVE-2021-28456.json) (`2023-12-29T01:15:40.137`)
* [CVE-2021-28457](CVE-2021/CVE-2021-284xx/CVE-2021-28457.json) (`2023-12-29T01:15:40.310`)
* [CVE-2021-28458](CVE-2021/CVE-2021-284xx/CVE-2021-28458.json) (`2023-12-29T01:15:40.487`)
* [CVE-2021-28459](CVE-2021/CVE-2021-284xx/CVE-2021-28459.json) (`2023-12-29T01:15:40.660`)
* [CVE-2021-28460](CVE-2021/CVE-2021-284xx/CVE-2021-28460.json) (`2023-12-29T01:15:40.890`)
* [CVE-2021-28464](CVE-2021/CVE-2021-284xx/CVE-2021-28464.json) (`2023-12-29T01:15:41.093`)
* [CVE-2021-28466](CVE-2021/CVE-2021-284xx/CVE-2021-28466.json) (`2023-12-29T01:15:41.263`)
* [CVE-2021-28468](CVE-2021/CVE-2021-284xx/CVE-2021-28468.json) (`2023-12-29T01:15:41.433`)
* [CVE-2021-28469](CVE-2021/CVE-2021-284xx/CVE-2021-28469.json) (`2023-12-29T01:15:41.620`)
* [CVE-2021-28470](CVE-2021/CVE-2021-284xx/CVE-2021-28470.json) (`2023-12-29T01:15:41.797`)
* [CVE-2021-28471](CVE-2021/CVE-2021-284xx/CVE-2021-28471.json) (`2023-12-29T01:15:42.010`)
* [CVE-2021-28472](CVE-2021/CVE-2021-284xx/CVE-2021-28472.json) (`2023-12-29T01:15:42.177`)
* [CVE-2021-28473](CVE-2021/CVE-2021-284xx/CVE-2021-28473.json) (`2023-12-29T01:15:42.373`)
* [CVE-2021-28475](CVE-2021/CVE-2021-284xx/CVE-2021-28475.json) (`2023-12-29T01:15:42.540`)
* [CVE-2021-28477](CVE-2021/CVE-2021-284xx/CVE-2021-28477.json) (`2023-12-29T01:15:42.733`)
* [CVE-2021-28480](CVE-2021/CVE-2021-284xx/CVE-2021-28480.json) (`2023-12-29T01:15:42.943`)
* [CVE-2021-28481](CVE-2021/CVE-2021-284xx/CVE-2021-28481.json) (`2023-12-29T01:15:43.157`)
* [CVE-2021-28482](CVE-2021/CVE-2021-284xx/CVE-2021-28482.json) (`2023-12-29T01:15:43.337`)
* [CVE-2021-28483](CVE-2021/CVE-2021-284xx/CVE-2021-28483.json) (`2023-12-29T01:15:43.510`)
* [CVE-2023-43314](CVE-2023/CVE-2023-433xx/CVE-2023-43314.json) (`2023-12-29T01:15:43.687`)
* [CVE-2023-51764](CVE-2023/CVE-2023-517xx/CVE-2023-51764.json) (`2023-12-29T02:15:45.130`)
* [CVE-2023-29486](CVE-2023/CVE-2023-294xx/CVE-2023-29486.json) (`2023-12-29T02:20:40.423`)
* [CVE-2023-29485](CVE-2023/CVE-2023-294xx/CVE-2023-29485.json) (`2023-12-29T02:21:17.843`)
* [CVE-2023-46624](CVE-2023/CVE-2023-466xx/CVE-2023-46624.json) (`2023-12-29T02:56:36.643`)
## Download and Usage